<?php

//error_reporting(0);
require_once '../library/fungsi.lib.php';


// Start (or resume) the PHP session; its id is what ties temporary cart rows to this visitor.
session_start();

// Requested operation: a POST value wins over a GET value; 'home' when neither is sent.
if (isset($_POST["opr"])) {
    $opr = anti_injection($_POST["opr"]);
} elseif (isset($_GET["opr"])) {
    $opr = anti_injection($_GET["opr"]);
} else {
    $opr = 'home';
}

// Target record id, resolved with the same precedence (and the same 'home' fallback).
if (isset($_POST["id"])) {
    $id = anti_injection($_POST["id"]);
} elseif (isset($_GET["id"])) {
    $id = anti_injection($_GET["id"]);
} else {
    $id = 'home';
}

$sess_id = session_id();

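// Cart / checkout dispatcher: runs exactly one operation selected by $opr.
//
//   transaksi        add a product to the temporary cart (table tr_t)
//   update           change quantity/size of a cart row, or drop it when quantity <= 0
//   checkout         create the transaction header (table tr_x) once per session
//   simpan           store the shipping address on the transaction header
//   finish           copy the cart rows from tr_t to tr_d and close the transaction
//   hapus-transaksi  discard the whole transaction and its cart rows
//   hapus            remove a single cart row
//   anything else    lempar_ke_home()
//
// NOTE(review): anti_injection() lives in fungsi.lib.php and is not visible here, so
// values that only passed through it ($id, $trt_ukuran) are interpolated into SQL
// unchanged, exactly as before. Confirm that it escapes for SQL.
// NOTE(review): the mysql_* extension was removed in PHP 7. Moving to mysqli/PDO prepared
// statements is the durable fix, but it needs the connection code, which is outside this file.
// NOTE(review): $opr is accepted from GET as well as POST and no anti-CSRF token is checked
// in this file, so the state-changing operations can be triggered by a cross-site request.
// Confirm whether a token check exists elsewhere.

// The session id originates from a client cookie, so it is escaped before use in SQL.
// mysql_query() below already relies on the implicit default link; the same link is
// assumed to be open here.
$sess_sql = mysql_real_escape_string($sess_id);

// simpan / finish / hapus-transaksi need a transaction id in the session. Without one the
// request falls through to the final else and gets the same treatment as an unknown $opr,
// instead of running queries against an empty trx_id.
$ada_trx = isset($_SESSION["SESS_TRX"]);

if ($opr == 'transaksi') {
    // Add a product during the buying step; rows are parked in the temp table tr_t first.
    $diskon = get_produk_field_from_id($id, 'produk_diskon');
    $harga = get_produk_field_from_id($id, 'produk_harga');
    $berat = get_produk_field_from_id($id, 'produk_berat');

    // Quantity is forced to a whole number >= 1 so that the stored quantity always agrees
    // with the stored price/weight (previously a zero, negative or non-numeric quantity was
    // stored as sent while being priced as a single unit).
    $trt_jumlah = !isset($_POST["in_jumlah"]) ? 1 : (int) anti_injection($_POST["in_jumlah"]);
    if ($trt_jumlah < 1) {
        $trt_jumlah = 1;
    }
    $trt_ukuran = !isset($_POST["in_size"]) ? 'x' : anti_injection($_POST["in_size"]);
    $harga_diskon = $diskon == 0 ? $harga : $harga - ($harga * $diskon / 100);
    $trt_harga = $trt_jumlah * $harga_diskon;
    $trt_berat = $trt_jumlah * $berat;
    $trt_waktu = date('Y-m-d H:i:s');

    $sql = "INSERT INTO tr_t(trt_session, trt_produk_id, trt_jumlah, trt_ukuran, trt_harga, trt_berat, trt_waktu)" .
            " VALUES('$sess_sql', '$id', '$trt_jumlah', '$trt_ukuran', '$trt_harga', '$trt_berat', '$trt_waktu')";
    mysql_query($sql);
    $_SESSION["SESS_PROSES"] = "proses1";

    // Purge yesterday's leftover temp rows.
    hapus_transaksi_temp_kemarin();
    header('location:' . URLHOST . 'transaksi');

} elseif ($opr == 'update') {
    // Change quantity and size of a row that is still in tr_t.
    // NOTE(review): $id is used below as the cart row id (trt_id), yet the three lookups
    // pass it as a product id. Unless the two ids coincide, price and weight are taken
    // from the wrong product. Verify against the form that posts here.
    $diskon = get_produk_field_from_id($id, 'produk_diskon');
    $harga = get_produk_field_from_id($id, 'produk_harga');
    $berat = get_produk_field_from_id($id, 'produk_berat');

    // Integer cast keeps the arithmetic and the SQL literal numeric.
    $trt_jumlah = !isset($_POST["in_jumlah"]) ? 1 : (int) anti_injection($_POST["in_jumlah"]);
    if ($trt_jumlah > 0) {
        $trt_ukuran = !isset($_POST["in_size"]) ? 'x' : anti_injection($_POST["in_size"]);
        $harga_diskon = $diskon == 0 ? $harga : $harga - ($harga * $diskon / 100);
        $trt_harga = $trt_jumlah * $harga_diskon;
        $trt_berat = $trt_jumlah * $berat;

        // Scoped to the caller's session so one visitor cannot edit another visitor's cart.
        $sql = "UPDATE tr_t SET 
                trt_ukuran='$trt_ukuran',
                trt_jumlah='$trt_jumlah',
                trt_berat='$trt_berat',
                trt_harga='$trt_harga'
            WHERE trt_id='$id' AND trt_session='$sess_sql'";
        mysql_query($sql);
        header('location:' . URLHOST . 'transaksi');
    } else {
        // Quantity of zero or less means "remove this row".
        // NOTE(review): no redirect is sent on this path unless the helper sends one.
        hapus_transaksi_from_id($id, $sess_id);
    }

} elseif ($opr == 'checkout') {
    // Item selection is finished: create a new transaction header. If the visitor already
    // checked out and then added more items, the existing trx_id is reused, so there is
    // only one trx_id per session.
    if (!isset($_SESSION["SESS_TRX"])) {
        $trx_angkaunik = create_angka_unik();
        $trx_kodeunik = create_kode_unik(3) . $trx_angkaunik;
        $sql = "INSERT INTO tr_x(trx_session, trx_kodeunik, trx_angkaunik)" .
                " VALUES('$sess_sql', '$trx_kodeunik', '$trx_angkaunik')";
        mysql_query($sql);

        $_SESSION["SESS_TRX"] = get_transaksi_id_from_session($sess_id);
    }

    $_SESSION["SESS_PROSES"] = "proses2";
    header('location:' . URLHOST . 'transaksi');

} elseif ($opr == 'simpan' && $ada_trx) {
    // Store the shipping address on the transaction header.
    // htmlentities() is kept so newly written rows look like rows written before, but it is
    // not an SQL defence: with its default flags before PHP 8.1 it leaves single quotes
    // untouched, and it never neutralises backslashes. Every value is therefore also passed
    // through mysql_real_escape_string() before it reaches the query.
    $trx_nama = htmlentities(isset($_POST["in_nama"]) ? $_POST["in_nama"] : '');
    $trx_email = htmlentities(isset($_POST["in_email"]) ? $_POST["in_email"] : '');
    $trx_notelp = htmlentities(isset($_POST["in_notelp"]) ? $_POST["in_notelp"] : '');
    $trx_alamat = htmlentities(isset($_POST["in_alamat"]) ? $_POST["in_alamat"] : '');
    $trx_ongkir_id = htmlentities(isset($_POST["in_ongkir"]) ? $_POST["in_ongkir"] : '');
    $trx_id = $_SESSION["SESS_TRX"];

    // The helper receives the same value as before.
    // NOTE(review): whether get_harga_ongkir() escapes its first argument is not visible here.
    $trx_ongkir = get_harga_ongkir($trx_ongkir_id, $_SESSION["SESS_BERAT"]);

    $sql = "UPDATE tr_x SET " .
            " trx_nama='" . mysql_real_escape_string($trx_nama) . "', " .
            " trx_email='" . mysql_real_escape_string($trx_email) . "', " .
            " trx_notelp='" . mysql_real_escape_string($trx_notelp) . "', " .
            " trx_alamat='" . mysql_real_escape_string($trx_alamat) . "', " .
            " trx_ongkir_id='" . mysql_real_escape_string($trx_ongkir_id) . "', " .
            " trx_ongkir='" . mysql_real_escape_string($trx_ongkir) . "' " .
            " WHERE trx_id='" . mysql_real_escape_string($trx_id) . "' ";
    mysql_query($sql);

    // Attach this session's cart rows to the transaction (tr_t.trt_trx_id).
    $sql2 = "UPDATE tr_t SET trt_trx_id='" . mysql_real_escape_string($trx_id) . "'" .
            " WHERE trt_session='$sess_sql'";
    mysql_query($sql2);

    $_SESSION["SESS_PROSES"] = "proses3";
    header('location:' . URLHOST . 'transaksi');

} elseif ($opr == 'finish' && $ada_trx) {
    // Finish: migrate the temp rows (tr_t) into the real transaction detail table (tr_d).
    $trx_id = $_SESSION["SESS_TRX"];
    $trx_id_sql = mysql_real_escape_string($trx_id);
    $trx_waktu = date('Y-m-d H:i:s');
    $trx_total = $_SESSION["SESS_TOTAL"];

    $sql = "UPDATE tr_x SET " .
            " trx_waktu='$trx_waktu', " .
            " trx_total='" . mysql_real_escape_string($trx_total) . "', " .
            " trx_status='1' " .
            " WHERE trx_id='$trx_id_sql' ";
    mysql_query($sql);

    $keranjang = get_jumlah_keranjang($trx_id, $sess_id);
    $jumlah_keranjang = count($keranjang);

    // Values read back from tr_t are raw again (trt_ukuran was supplied by the visitor), so
    // they are escaped before being written into tr_d.
    $kolom_trt = array('trt_trx_id', 'trt_produk_id', 'trt_harga', 'trt_jumlah', 'trt_ukuran', 'trt_berat');
    for ($i = 0; $i < $jumlah_keranjang; $i++) {
        $nilai = array();
        foreach ($kolom_trt as $kolom) {
            $nilai[] = "'" . mysql_real_escape_string($keranjang[$i][$kolom]) . "'";
        }
        $sql_trd = "INSERT INTO tr_d(trd_trx_id, trd_produk_id, trd_harga, trd_jumlah, trd_ukuran, trd_berat) " .
                "VALUES(" . implode(', ', $nilai) . ")";
        mysql_query($sql_trd);
    }

    $sql = "DELETE FROM tr_t WHERE trt_trx_id='$trx_id_sql' AND trt_session='$sess_sql'";
    mysql_query($sql);

    $trx_kodeunik = get_field_table_from_id($trx_id, "trx_kodeunik", "tr_x", "trx_id");
    $trx_email = get_field_table_from_id($trx_id, "trx_email", "tr_x", "trx_id");

    // Marking transactions as expired is currently disabled:
    //update_transaksi_kadaluarsa();

    // Send the confirmation e-mail to the buyer.
    send_mail(URLEMAIL . $trx_kodeunik, $trx_email);

    session_destroy();
    header('location:' . URLHOST . 'transaksi/?kode=' . $trx_kodeunik);

} elseif ($opr == 'hapus-transaksi' && $ada_trx) {
    // Discard the whole transaction: its cart rows first, then the header.
    $trx_id_sql = mysql_real_escape_string($_SESSION["SESS_TRX"]);

    $sql = "DELETE FROM tr_t WHERE trt_trx_id='$trx_id_sql' AND trt_session='$sess_sql'";
    mysql_query($sql);

    $sql2 = "DELETE FROM tr_x WHERE trx_id='$trx_id_sql' AND trx_session='$sess_sql'";
    mysql_query($sql2);

    session_destroy();
    header('location:' . URLHOST . 'transaksi');

} elseif ($opr == 'hapus') {
    // Remove one cart row the visitor no longer wants. The session condition matches the
    // 'update' branch: without it any visitor could delete any row of tr_t by guessing its id.
    mysql_query("DELETE FROM tr_t WHERE trt_id='$id' AND trt_session='$sess_sql'");
    header('location:' . URLHOST . 'transaksi');

} else {
    // Unknown operation, or an operation that needs a transaction the session does not have.
    lempar_ke_home();
}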
?>